Wireshark

Overview of Wireshark (Widely-used network protocol analyzer)

Wireshark 3.6.8 and 3.4.16 Released:

September 7, 2022

Wireshark 3.6.8 and 3.4.16 have been released. Installers for Windows, Mac OS X 10.13 and later, and source code are now available.

In Wireshark 3.6.8:

• A vulnerability in the F5 Ethernet Trailer dissector has been fixed. See the release notes for details.
• For a complete list of changes, please refer to the 3.6.8 release notes.

Wireshark is a network protocol analyzer that enables you to capture and examine data from a live network or from a capture file on disk. You can interactively browse the capture data and view summary and detail information for each packet. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

The program,can read capture files from tcpdump (libpcap), NAI Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, snoop, Shomiti Surveyor, AIX s iptrace, Microsoft Network Monitor, Novell s LANalyzer, RADCOM s WAN/LAN Analyzer, HP-UX nettl, ISDN4BSD, Cisco Secure IDS iplog, the pppd log (pppdump-format), and the AG Group s/Wildpacket Etherpeek.

Wireshark can also read traces made from Lucent/Ascend WAN routers and Toshiba ISDN routers. Any of these files can be compressed with gzip and Wireshark will decompress them on the fly.

Features of Wireshark 3

• Deep inspection of hundreds of protocols, with more being added all the time
• Live capture and offline analysis
• Standard three-pane packet browser
• Multi-platform: Runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
• Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
• The most powerful display filters in the industry
• Rich VoIP analysis
• Read/write many different capture file formats
• Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
• Capture files compressed with gzip can be decompressed on the fly
• Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others
• Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
• Coloring rules can be applied to the packet list for quick, intuitive analysis
• Output can be exported to XML, PostScript, CSV, or plain text

System Requirements

• Supported OS: Windows 7/8/10
• Free Hard Disk Space: 100 MB or more